The present invention relates to the field of information technology, including, more particularly, to systems and techniques for networking.
Enterprise cloud computing is becoming inevitable. The advancement of mobile devices such as smart phones and touch pads has further pushed the deployment of cloud computing infrastructure to support various business applications online. According to market research analysts, by end of 2016, more than 15 percent of worldwide enterprise IT spending will be on public or hybrid cloud computing environments.
While much of the world is embracing cloud computing, cloud deployments still require intensive customization efforts and remain challenging for enterprises to establish a hybrid infrastructure, on demand, connecting applications (e.g., client-server software) and computing resources in public and private computing environments without compromising enterprise security and compliance.
The conventional IT network and infrastructure security technology does not directly apply to the hybrid environments. To brute force a connection, enterprise IT is facing a tremendous amount of operating risks and efforts to accomplish their mission. A next-generation platform is needed to address the needs.
The world's top-tier cloud service providers have extensive experience in deploying a flat cloud computing infrastructure inside a single datacenter. To facilitate ease of management and on-demand services, these implementations feature a unified network and infrastructure security supporting the cloud. This approach significantly simplifies the management of applications running in the cloud by eliminating the complexity for network and infrastructure security. While this approach may be appropriate within the environment of a single datacenter, it is difficult to apply in a hybrid cloud environment, where the underlying network and infrastructure security are distributed, segregated, and belong to multiple authorities.
More particularly, in modern enterprises, the network and security infrastructure are specifically designed to implement corporate security and compliance governance. The critical business data and operations are typically deployed in the inner layer of a network domain behind layers of firewalls. Such a secure network and firewall system block the external malicious access intents or at least make it extremely challenging to penetrate. However, on the other hand, if there is any new business initiative that requires an access connection from an external location to reach the inner most layers, it can be extremely difficult or could require a tremendous amount of corporate IT efforts to re-provision the environment and to allow the traffic to travel through.
Today's high-tech industry (e.g., semiconductor and EDA (Electronic Design Automation)) is consolidating, converging, and moving toward a service-oriented industry. The technology products being developed by the enterprises in this industry are becoming extremely sophisticated, and the enterprises frequently require some form of collaboration from their eco-system partners and vendors. These enterprises typically place their valuable IP (Intellectual Property) and development resources behind layers of firewalls for protection. This security infrastructure, however, makes the legitimate access extremely difficult. As a result, the business suffers with poor productivity and lengthy delays in resolving technical and business oriented issues.
Thus, there is a need to provide systems and techniques to facilitate secure communications between two or more network domains.